The Lookout: Trojan Masquerades as Security Update

Antivirus vendors have raised the alarm about a malicious new Trojan horse masquerading as a critical Microsoft security patch. The e-mail-borne attack highlights a growing trend of social-engineering tactics being used to dupe users into downloading malicious files. The e-mail includes the Microsoft Windows logo and uses one of the following subject lines: "Update your Windows machine," "Urgent Windows Update," or "Important Windows Update." It purports to come from "Windows Update" (update@microsoft.com) and includes links pointing to an "Express Install: High Priority Updates For Your Computer." If users follow the link in the e-mail and try to download the fake patch, a Trojan, identified by antivirus specialist Sophos Inc. as Troj/DSNX-05, is installed instead.

This is not the first time a bogus Microsoft security patch has been used. Back in 1994, a patch promising to protect users from the MyDoom worm turned out to be a malicious virus targeting Windows machines throughout Europe and parts of North America.